<%@ page import="java.sql.*" %>
<%--
  Created by IntelliJ IDEA.
  User: 113
  Date: 2020/10/6
  Time: 14:14
  To change this temhplate use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
    <link rel="stylesheet" href="css/bootstrap.css">

    <script src="js/jquery.min.js"></script>
    <script src="js/bootstrap.bundle.js"></script>
    <script src="js/bootstrap.js"></script>
</head>
<body>
<%
    //加载数据库驱动
    Class.forName("com.mysql.jdbc.Driver");
    //建立数据库连接
    String url="jdbc:mysql://localhost:3306/book";
    Connection connection= DriverManager.getConnection(url,"root","root");

    String sql ="select * from user";

    /*String sql ="select * from user where username = ? and password = ?";//使用问号代替参数
    PreparedStatement pstm =connection.prepareStatement(sql);

    pstm.setString(1,request.getParameter("username"));
    pstm.setString(2,request.getParameter("password"));


     */
    PreparedStatement pstm =connection.prepareStatement(sql);
    ResultSet rs=pstm.executeQuery();




    //创建statement对象
   /* Statement stmt=connection.createStatement();
    String sql="select * from user where username='"+request.getParameter("username")+" ";
    //String sql="select * from user where username='admin3' or '1'='1'  //数据库注入
    //执行查询，返回结果集
    ResultSet rs =stmt.executeQuery(sql);
    */

    //遍历结果集数据


%>
<div class="container">
    <div class="row clearfix">
        <div class="col-md-12 column">
            <h3 style="text-align: center">欢迎来到个人主页</h3>
            <a class="btn" id="modal-198502" role="button" href="#modal-container-198502" data-toggle="modal">添加用户</a>
            <table class="table">
                <thead>
                <th>ID</th>
                <th>用户名</th>
                <th>性别</th>
                <th>年龄</th>
                </thead>
                <tbody>
                <%
                    while(rs.next()){
                        out.print("<tr>");
                        out.print(
                                "<td>"+rs.getString("id")
                                        +"</td><td>"+rs.getString("username")
                                        +"</td><td>"+rs.getString("gender")
                                        +"</td><td>"+rs.getString("age")
                                        +"</td>"
                                        +"<td><a href='delete.jsp?id="+rs.getString("id")+"'>删除</a>"
                                        +"&nbsp;<a href='edit.jsp?id="+rs.getString("id")+"'>修改</a>"+
                                        "</td>"

                        );
                        out.print("</tr>");
                    }
                %>
                </tbody>
            </table>
        </div>
    </div>

</div>





</body>
</html>
